This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft File: Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json) Hash identifier: VUxZ5tRzBJ6mPOlB2bY/dZEuRWcjdWr4pqI3OEN/3OM= Subject key identifier: B2:C6:EA:41:ED:D1:7D:1C:AF:A2:4F:A8:25:0A:EC:B5:68:81:F0:D3 Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9 Certificate issuer: /CN=32789bd392e1c5c69b7420cc036803af1258cef9 Certificate serial: 019B40C939859DF0017409064A49DB5DC4AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft Manifest number: 08DC Signing time: Sun 21 Dec 2025 12:01:27 +0000 Manifest this update: Sun 21 Dec 2025 12:01:27 +0000 Manifest next update: Mon 22 Dec 2025 12:01:27 +0000 Files and hashes: 1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: /qJMiRKj7xYdeyYe2z9Nc9qySiUyx0dM7YdGB0TLz3I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c9:39:85:9d:f0:01:74:09:06:4a:49:db:5d:c4:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9 Validity Not Before: Dec 21 12:01:27 2025 GMT Not After : Dec 22 12:01:27 2025 GMT Subject: CN=b2c6ea41edd17d1cafa24fa8250aecb56881f0d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c7:0a:03:62:14:87:19:6d:af:85:f9:1b:86: be:cd:20:5e:a9:0c:39:6c:e2:11:99:2e:1d:c0:79: 70:a0:e3:69:9f:f1:0e:43:e3:ae:9a:a2:f1:64:e5: aa:1b:21:8e:c4:a7:ec:08:90:c1:cd:eb:c9:ac:2a: e3:49:8a:cb:88:dd:ba:f8:af:d7:4b:6c:af:06:08: f5:9a:8b:d8:74:14:21:37:75:3e:52:7e:73:19:69: 9f:ec:e8:b8:61:46:b7:ab:2b:cd:0a:11:20:16:c6: 74:2d:8b:7d:d1:86:93:3e:ef:a0:a9:f9:81:28:aa: 9c:5c:0a:62:42:c7:dd:1f:c5:4a:32:46:36:11:bf: 31:66:a2:0d:09:65:0e:5d:b2:c3:2d:da:b0:6e:45: c0:87:5b:c7:ea:d0:12:ee:0d:a9:e9:c4:fe:60:d6: ae:18:6b:1b:e8:09:3d:9a:ce:c6:76:88:79:f9:c7: ab:51:69:85:54:0e:29:44:69:0f:9f:1c:22:38:e3: 99:7a:ba:56:71:b8:5e:2e:59:7d:72:dd:e6:d2:26: 7d:16:41:8a:ab:b6:fa:ec:1e:92:59:61:d0:c2:f7: 36:38:61:e5:04:bb:2e:db:dc:d5:bd:82:83:05:33: f5:66:30:32:24:f1:75:e5:e3:7c:b5:15:e6:5b:0d: 34:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:C6:EA:41:ED:D1:7D:1C:AF:A2:4F:A8:25:0A:EC:B5:68:81:F0:D3 X509v3 Authority Key Identifier: keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:6d:d6:ad:00:e6:6c:8d:13:e0:d1:2b:56:64:7c:ea:74:37: 2e:15:65:ff:f8:ac:84:2e:f5:f7:0b:22:2d:bf:c3:a7:95:f5: b9:87:9b:92:9b:51:fd:3a:2a:42:41:98:bd:5f:f5:9d:c7:3f: 64:b1:cd:f3:de:88:55:b3:e0:6d:46:d7:f9:33:0c:76:4b:ce: c7:2c:af:8a:af:68:d2:eb:1a:a0:19:b0:0a:9f:cc:95:20:bc: c9:1b:ab:7c:57:65:f4:08:16:bb:3c:44:86:fa:23:32:0c:b8: 1a:51:16:4c:f1:9a:50:77:b5:b8:43:b4:29:5d:80:8c:13:00: 97:9e:d5:f8:d1:d1:87:5f:63:ef:e6:df:d4:2e:e7:c0:f2:ee: 3c:e8:84:e1:e6:56:13:06:45:09:9d:cb:e4:2b:ee:b0:87:14: 60:f8:54:16:06:0d:4d:e9:68:8e:c7:72:56:47:48:cf:25:56: d7:1b:b7:8a:51:63:d5:d6:25:c1:e3:c4:96:4d:31:32:c8:f3: 21:4c:24:b9:42:21:23:82:69:94:28:42:4e:f8:04:a2:f6:ec: 78:ca:f1:a8:c7:24:05:0c:a2:4b:66:a9:7e:21:f2:11:fc:fc: 60:38:10:21:0a:f2:92:67:d9:7f:b5:9a:73:8a:1c:a3:d9:f5: 06:12:7c:e1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyTmFnfABdAkGSknbXcStMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1 OGNlZjkwHhcNMjUxMjIxMTIwMTI3WhcNMjUxMjIyMTIwMTI3WjAzMTEwLwYDVQQD EyhiMmM2ZWE0MWVkZDE3ZDFjYWZhMjRmYTgyNTBhZWNiNTY4ODFmMGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtccKA2IUhxltr4X5G4a+zSBeqQw5 bOIRmS4dwHlwoONpn/EOQ+OumqLxZOWqGyGOxKfsCJDBzevJrCrjSYrLiN26+K/X S2yvBgj1movYdBQhN3U+Un5zGWmf7Oi4YUa3qyvNChEgFsZ0LYt90YaTPu+gqfmB KKqcXApiQsfdH8VKMkY2Eb8xZqINCWUOXbLDLdqwbkXAh1vH6tAS7g2p6cT+YNau GGsb6Ak9ms7Gdoh5+cerUWmFVA4pRGkPnxwiOOOZerpWcbheLll9ct3m0iZ9FkGK q7b67B6SWWHQwvc2OGHlBLsu29zVvYKDBTP1ZjAyJPF15eN8tRXmWw00jQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLG6kHt0X0cr6JPqCUK7LVogfDTMB8GA1UdIwQY MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnG3WrQDm bI0T4NErVmR86nQ3LhVl//ishC719wsiLb/Dp5X1uYebkptR/ToqQkGYvV/1ncc/ ZLHN896IVbPgbUbX+TMMdkvOxyyviq9o0usaoBmwCp/MlSC8yRurfFdl9AgWuzxE hvojMgy4GlEWTPGaUHe1uEO0KV2AjBMAl57V+NHRh19j7+bf1C7nwPLuPOiE4eZW EwZFCZ3L5CvusIcUYPhUFgYNTelojsdyVkdIzyVW1xu3ilFj1dYlwePElk0xMsjz IUwkuUIhI4JplChCTvgEovbseMrxqMckBQyiS2apfiHyEfz8YDgQIQrykmfZf7Wa c4oco9n1BhJ84Q== -----END CERTIFICATE-----Generated at Sun Dec 21 17:23:29 2025 by rpki-client